Lucene search
K

163 matches found

debian
debian
added 2021/10/15 9:50 p.m.99 views

[SECURITY] [DLA 2785-1] linux-4.19 security update

Debian LTS Advisory DLA-2785-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings October 15, 2021 https://wiki.debian.org/LTS Package : linux-4.19 Version : 4.19.208-1deb9u1 CVE ID : CVE-2020-3702 CVE-2020-16119 CVE-2021-3444 CVE-2021-3600 CVE-2021-3612 CVE-2021-3653...

8.8CVSS7AI score0.01245EPSS
Exploits11
nessus
nessus
added 2021/10/15 12:0 a.m.33 views

Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9488)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-9488 advisory. - fuse: fix live lock in fuseiget Amir Goldstein Orabug: 33396682 CVE-2021-28950 - Bluetooth: defer cleanup of resources in hciunregisterdev Tetsuo Han...

7.8CVSS6.9AI score0.00734EPSS
Exploits2References9
nessus
nessus
added 2021/09/22 12:0 a.m.44 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2021-9459)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9459 advisory. - fs/namespace.c: fix mountpoint reference counter race Piotr Krysiuk Orabug: 33369433 CVE-2020-12114 CVE-2020-12114 - btrfs: only search for...

9.8CVSS7.2AI score0.07604EPSS
Exploits7References22
cbl_mariner
cbl_mariner
added 2021/09/09 3:3 p.m.9 views

CVE-2021-3655 affecting package kernel 5.10.189.1-1

CVE-2021-3655 affecting package kernel 5.10.189.1-1. A patched version of the package is available...

3.3CVSS7.4AI score0.00308EPSS
Exploits0
cve
cve
added 2021/08/05 8:48 p.m.423 views

CVE-2021-3655

CVE-2021-3655 is a Linux kernel SCTP vulnerability (present in kernels prior to affected fixes) where missing size validations on inbound SCTP packets may allow reading uninitialized memory. The initial description and connected advisories confirm the issue exists in the Linux kernel SCTP impleme...

3.3CVSS5.4AI score0.00308EPSS
Exploits0References3Affected Software1
prion
prion
added 2021/01/26 6:15 p.m.23 views

Design/Logic Flaw

An issue was discovered in certain Xerox WorkCentre products. They do not properly encrypt passwords. This affects 3655, 3655i, 58XX, 58XXi 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices...

5CVSS7.5AI score0.00805EPSS
Exploits0References1Affected Software30
cnnvd
cnnvd
added 2021/01/26 12:0 a.m.6 views

Multiple Xerox Product Encryption Issues Vulnerabilities

The Xerox 3655i, among others, is a multifunction printer from Xerox USA. A security vulnerability exists in several Xerox products. The following products and versions are affected: 3655, 3655i, 58XX, 58XXi 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 device...

7.5CVSS5.8AI score0.00805EPSS
Exploits0References2
cve
cve
added 2019/11/13 3:45 p.m.90 views

CVE-2014-3655

CVE-2014-3655 affects JBoss KeyCloak; vulnerability is soft token deletion via CSRF. Notable details from connected docs indicate exposure in affected Keycloak releases and a fix later stated as Keycloak 1.0.2.Final. Practical impact is limited to CSRF-enabled token deletion without broader acces...

4.3CVSS4.6AI score0.00456EPSS
Exploits0References3Affected Software1
osv
osv
added 2019/02/10 5:29 p.m.4 views

CVE-2018-20770

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is Blind SQL Injection...

9.8CVSS5.8AI score0.0106EPSS
Exploits0References1
osv
osv
added 2019/02/10 5:29 p.m.4 views

CVE-2018-20767

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is authenticated remote command execution...

8.8CVSS5.8AI score
Exploits0References1
lenovo
lenovo
added 2018/10/01 7:13 p.m.24 views

Intel CSME / SPS and TXE Vulnerabilities - Lenovo Support US

No description provided...

7.3CVSS5.7AI score0.03303EPSS
Exploits0
lenovo
lenovo
added 2018/09/20 4:57 p.m.594 views

Intel CSME / SPS and TXE Vulnerabilities - US

Lenovo Security Advisory: LEN-22810 Potential Impact: Elevation of privilege, information disclosure, denial of service Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2018-3655, CVE-2018-3657, CVE-2018-3658, CVE-2018-3659, CVE-2018-3616 Summary Description: Intel has disclosed...

3.6CVSS2.1AI score0.03303EPSS
Exploits0
cve
cve
added 2018/09/12 7:0 p.m.55 views

CVE-2018-3655

The CVE-2018-3655 issue affects Intel CSME firmware before 11.21.55, Intel SPS before 4.0, and Intel TXE firmware before 3.1.55. The vulnerability allows an unauthenticated user with physical access to potentially modify or disclose information stored in the CSME/SPS/TXE subsystems. Exploitation ...

7.3CVSS6.4AI score0.00433EPSS
Exploits0References3Affected Software1
openvas
openvas
added 2018/05/22 12:0 a.m.54 views

Ubuntu: Security Advisory (USN-3655-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.3AI score0.60631EPSS
Exploits2References3
nvd
nvd
added 2017/08/29 3:29 p.m.14 views

CVE-2015-3655

Cross-site request forgery CSRF vulnerability in Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers to hijack the authentication of administrators by leveraging improper enforcement of the anti-CSRF token...

8.8CVSS9AI score0.0072EPSS
Exploits0References2
cvelist
cvelist
added 2017/08/29 3:0 p.m.17 views

CVE-2015-3655

Cross-site request forgery CSRF vulnerability in Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers to hijack the authentication of administrators by leveraging improper enforcement of the anti-CSRF token...

9AI score0.0072EPSS
Exploits0References2
cve
cve
added 2017/08/29 3:0 p.m.45 views

CVE-2015-3655

Aruba Networks ClearPass Policy Manager is affected by a CSRF vulnerability (CVE-2015-3655) in versions prior to 6.4.7 and 6.5.x prior to 6.5.2. The flaw allows remote attackers to hijack administrator authentication due to improper enforcement of the anti-CSRF token. According to CVSS v3.1, the ...

8.8CVSS8.8AI score0.0072EPSS
Exploits0References2Affected Software1
nessus
nessus
added 2016/12/22 12:0 a.m.65 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3655)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-3655 advisory. kernel-uek 4.1.12-61.1.23 - net: Fix use after free in the recvmmsg exit path Arnaldo Carvalho de Melo Orabug: 25298601 CVE-2016-7117 Tenable has extracted...

10CVSS6.8AI score0.24299EPSS
Exploits0References2
nessus
nessus
added 2016/08/29 12:0 a.m.29 views

Debian DSA-3655-1 : mupdf - security update

Two vulnerabilities were discovered in MuPDF, a lightweight PDF viewer. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2016-6265 Marco Grassi discovered a use-after-free vulnerability in MuPDF. An attacker can take advantage of this flaw to cause an...

9.8CVSS7.2AI score0.03772EPSS
Exploits1References8
openvas
openvas
added 2016/08/25 12:0 a.m.27 views

Debian: Security Advisory (DSA-3655-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.03772EPSS
Exploits1References3
Rows per page
Query Builder